Enabling permission PACKAGE_USAGE_STATS without User Intervention - Android Software/Hacking General [Developers Only]

Hi,
I am developing a statistics gathering application for one of the local vendors. I need to grant the PACKAGE_USAGE_STATS permission without user intervention.
As I see it on a factory reset phone certain apps which are pre-installed in the phone already have this enabled. Even if I install the apk as a system app. I still need to enable the permission manually under Settings->Security->Apps With Data Usage.
Any insight on how I can accomplish this?

Related

Good For Enterprise

Has anyone been able to get this working with Root? I install fine, enter my pin and it goes through but since I have root it doesnt sync. Im running liberty, any suggestions
matt1313 said:
Has anyone been able to get this working with Root? I install fine, enter my pin and it goes through but since I have root it doesnt sync. Im running liberty, any suggestions
Click to expand...
Click to collapse
Checking for root is configurable by your IT area. My account is not setup to check for root but I have had other problems. Can you easily unroot and reroot your device so Good would work except for the rare times that you actually need root? One problem I have had is the initial setup would never complete (stops at retrieving policies) unless I go back to stock eclair, get it working and back it up via Titanium backup, then upgrade to Froyo or GB, and then restore it. Mine continues to work via root though. The other problem I have had is if I ever restore to an earlier state (using the same PIN), it will stop syncing. I need a new PIN issued to get it working again.
I'm reading that IT admins can lock your phone camera, wipe SD card, etc.
What other kinds of things can they do once "Good for Enterprise" is installed on your personal phone?
Nate2 said:
I'm reading that IT admins can lock your phone camera, wipe SD card, etc.
What other kinds of things can they do once "Good for Enterprise" is installed on your personal phone?
Click to expand...
Click to collapse
I was involved in piloting "Good for Enterprise" for my company. I do know that the possible "controls" vary depending on the platform. Good for Enterprise on the IPhone will have much more control because the devices (hardware) and OS are very limited compared to Android. Keep that in mind as you read some of these items if they don't mention which platform. Also, the Good application would have to be granted root access to your phone "I believe" in order to do any of the items you mentioned. If you are running a custom ROM and have the "SuperUser" app, you would see if it had that access. I "think" it will be very hard for Good to implement some of those controls unless the Android OS provides an API for it because the underlying hardware can vary so much. I'm not a developer but I think that is correct.
Also, if you work for any decent sized company, they will be very concerned about the legal aspects of company provided software deleting (or even reading) personal information outside the "Good container". I mention the word container because Good provides encryption of everything within the app so it can not be read by anything outside the app (such as root explorer). I have successfully backed up and restored the encrypted data to another ROM but it is just bits to Titanium Backup or anything else. Feel free to PM me if you have any other questions on it that I might be able to answer. I know the admin for Good for our company that I could ask other questions.
I'm reading that the installation can detect jailbroken iPhones and rooted Android devices, and if the IT admins decide, they can configure it to refuse installation on such devices to prevent compromising Good's security/integrity of its resources.
(I'm not rooted, and don't plan to root my DroidX, so it is a moot point for me)
I heard from Verizon that IT admins can remotely control hardware components, including cameras, Bluetooth and IR ports, SD Cards, and more.
Things I'd like to know... can IT admins:
Track/monitor internet usage on the device?
Track/monitor GPS usage?
Copy non-Good related resources (e.g. files) from the device or SD card?
Lock the device?
Locate the device?
Wipe non-Good related resources?
Does the Good app send device System Logs to the IT folks?
Phone call logs?
App Permissions:
YOUR ACCOUNTS
ACT AS AN ACCOUNT AUTHENTICATOR Allows an application to use the account authenticator capabilities of the AccountManager, including creating accounts and getting and setting their passwords.
MANAGE THE ACCOUNTS LIST Allows an application to perform operations like adding, and removing accounts and deleting their password.
SERVICES THAT COST YOU MONEY
DIRECTLY CALL PHONE NUMBERS Allows the application to call phone numbers without your intervention. Malicious applications may cause unexpected calls on your phone bill. Note that this does not allow the application to call emergency numbers.
NETWORK COMMUNICATION
FULL INTERNET ACCESS Allows an application to create network sockets.
YOUR PERSONAL INFORMATION
READ CONTACT DATA Allows an application to read all of the contact (address) data stored on your device. Malicious applications can use this to send your data to other people.
READ SENSITIVE LOG DATA Allows an application to read from the system's various log files. This allows it to discover general information about what you are doing with the device, potentially including personal or private information.
WRITE CONTACT DATA Allows an application to modify the contact (address) data stored on your device. Malicious applications can use this to erase or modify your contact data.
PHONE CALLS
READ PHONE STATE AND IDENTITY Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and the like.
STORAGE
MODIFY/DELETE USB STORAGE CONTENTS
MODIFY/DELETE SD CARD CONTENTS Allows an application to write to the USB storage. Allows an application to write to the SD card.
SYSTEM TOOLS
RETRIEVE RUNNING APPLICATIONS Allows application to retrieve information about currently and recently running tasks. May allow malicious applications to discover private information about other applications.
PREVENT DEVICE FROM SLEEPING Allows an application to prevent the device from going to sleep.
YOUR ACCOUNTS
DISCOVER KNOWN ACCOUNTS Allows an application to get the list of accounts known by the device.
HARDWARE CONTROLS
CONTROL VIBRATOR Allows the application to control the vibrator.
NETWORK COMMUNICATION
VIEW NETWORK STATE Allows an application to view the state of all networks.
VIEW WI-FI STATE Allows an application to view the information about the state of Wi-Fi.
SYSTEM TOOLS
READ SYNC STATISTICS Allows an application to read the sync stats; e.g., the history of syncs that have occurred.
AUTOMATICALLY START AT BOOT Allows an application to have itself started as soon as the system has finished booting. This can make it take longer to start the device and allow the application to slow down the overall device by always running.
KILL BACKGROUND PROCESSES Allows an application to kill background processes of other applications, even if memory isn't low.
Sent from my unrooted DroidX using XDA App
I've been using EVO CM7 nightlies for quite a while now and never had issues with Good for Enterprise. With last 3 versions of nightlies, Good hasn't worked. When trying to reinstall Good, it says there is no phone network when trying to register. When looking at Device Info in Good setup screen, it doesn't have a phone number. Tried clearing, data, all cache, etc.
Is anyone else having this issue? It's like CM7 is not sending the phone string to Good when calling it.
A coworker also uses CM7 (not nightlies) and has no issues with Good on EVO. The phone number shows up in Good device info on his EVO.
I had the same problem, but I'm luckily an admin at our company on the good software. After messing around with it... this is what I had to do.
1. Uninstall Good from your phone on CM7 (Must be uninstalled at first for this to work....)
2. Reboot into Recovery and make a Nandroid Backup
3. Wipe the both Caches and Data, Install a Sense Rom
4. Install Good Mobile and have you admin resend you the email to enroll your phone
5. After entering the code and entering a password.. the Good will try to pull emails... kill the good app before this.
6. With Titinium Backup, backup Good and its Data.
7. Reboot into recovery.
8. Wipe the both Caches and the Data... Recover your previous CM7 Nandroid backup.
9. In CM7 launch Titanium backup and restore Good Mobile and its Data.
Worked after that... this way Good would communicate with the phone during the enrollment... which for some reason with CM7 it doesn't work... and just complains about not being connected to your mobile network.
Coincidentally I've just put up another post relating to IMSI numbers which was prompted by Good refusing to activate as some devices are reporting the same 1st 6 digits of their IMSI rather than the full 15 that Good uses to authenticate the license relative to the specific SIM card the license is for. Has anyone else come across this issue with Good?
matt1313 said:
Has anyone been able to get this working with Root? I install fine, enter my pin and it goes through but since I have root it doesnt sync. Im running liberty, any suggestions
Click to expand...
Click to collapse
Mine quit syncing after the first day. I had to upgrade my personal unlimited data plan to a corporate/enterprise data plan for an additional $15/month with Verizon, and reinstall Good.
Sent from my unrooted DroidX using XDA App
Sievers said:
I had the same problem, but I'm luckily an admin at our company on the good software. After messing around with it... this is what I had to do.
1. Uninstall Good from your phone on CM7 (Must be uninstalled at first for this to work....)
2. Reboot into Recovery and make a Nandroid Backup
3. Wipe the both Caches and Data, Install a Sense Rom
4. Install Good Mobile and have you admin resend you the email to enroll your phone
5. After entering the code and entering a password.. the Good will try to pull emails... kill the good app before this.
6. With Titinium Backup, backup Good and its Data.
7. Reboot into recovery.
8. Wipe the both Caches and the Data... Recover your previous CM7 Nandroid backup.
9. In CM7 launch Titanium backup and restore Good Mobile and its Data.
Worked after that... this way Good would communicate with the phone during the enrollment... which for some reason with CM7 it doesn't work... and just complains about not being connected to your mobile network.
Click to expand...
Click to collapse
I previously had a similar problem that I mentioned above - on custom FROYO ROMs it would stop at retrieving policies but flashing to stock eclair, I could finish the setup (and let all current emails come in) and then backup via TB, flash to custom FROYO, then restore and it would be all set. However, when I recently reinstalled Good on Continuum 5.5, I decided to try to let it complete the setup and it did with no problem. I only tried that since my IT admin setup "self-service" for me. I can access a link where I can send a new PIN for my account since it can easily stop syncing. The PIN goes to your corporate email so it is safe to allow.
@Nate2 - sorry I didn't see your post previously. Yes, there are Good policies that can be setup to detect "jailbroken" IPhones, etc. At my company, Good on Android is still not a standard offering because corporate policies are limited to what they can do on Android due to the numerous OS and hardware combinations. However, I have been pushing simply putting trust in the Good encryption (AES 256 if I remember right). Looking at the permissions of the app makes it look at first glance like it can do anything. However, I don't think it is as extensive as it seems. The only "data" outside the Good container that can be read by the app "to my knowledge" is the contact info. This is because your IT administrator can allow Good to sync corporate contact info (in Good) to your phone's contact info. This allows you to easily see who is calling (rather than a phone #) if it is one of your corporate contacts. Although it can access (modify/delete) SD contents, it doesn't say "Read". I don't think I am "reading" too much into that... For internet access, I know Good is working on adding in internet access (from inside the Good container) so browser access is allowed. I am "guessing" this is mostly for IPhones, etc. where the IT admin could stop internet access outside the Good container. That way they could control internet access on a "corporate" device. This is speculation on my part, though. I do think it can send device logs which is required "I think" to detect root access. Look over all the permissions listed keeping in mind READ access to system logs and contact info only and it seems to fit. Therefore, I think they probably can detect that you enabled/disabled GPS but I "doubt" they can detect where you went since I don't "think" that goes in system logs that they pull. If you still have any question, send me a PM since I don't frequently check this thread.
Thanks RichMD.
I once worked in a large company where a sysadmin was fired for accessing the corporate e-mail of an employee (his ex-girlfriend). She reported the incident to HR. Possible access to additional sensitive resources on the phone makes these kinds of incidents worse, and that's why we should be cautious.
Sent from my unrooted DroidX using XDA App

Why isn't there Linux style root on Android?

This is something I have been wondering for a while and after searching the forums and Google I have not been able to find a clear answer. As a long time Linux user the idea of running your system as root all the time is appalling. It is a huge security risk. But for some reason that is really the only way to gain root access on an Android device (as far as i am aware). Apps like SuperSU allow you to pick the apps that are allowed to run as root, but there is no password or verification that the entity approving the access actually has the authority to do so. I hear all the time that rooting your phone is a trade-off between customizability and security, but every Linux system has a root user and it is incredibly secure when properly administered. What is the reason for the difference?
From what I have read, it sounds like part of the issue has to do with Android handling users differently. I would love to be able to maintain a more limited root function on my devices. Thanks.
funkbuqet said:
This is something I have been wondering for a while and after searching the forums and Google I have not been able to find a clear answer. As a long time Linux user the idea of running your system as root all the time is appalling. It is a huge security risk. But for some reason that is really the only way to gain root access on an Android device (as far as i am aware). Apps like SuperSU allow you to pick the apps that are allowed to run as root, but there is no password or verification that the entity approving the access actually has the authority to do so. I hear all the time that rooting your phone is a trade-off between customizability and security, but every Linux system has a root user and it is incredibly secure when properly administered. What is the reason for the difference?
From what I have read, it sounds like part of the issue has to do with Android handling users differently. I would love to be able to maintain a more limited root function on my devices. Thanks.
Click to expand...
Click to collapse
You can set a passcode with SuperSU....
Thanks for the reply. That is good to know. Does that really fill the security gap though? I guess if I set My non-background root permissions to expire every 15 minutes that does help for apps that do not need to run as root in the background.
I am more referring to the distinction between regular user land and the root user. Titanium Backup for example; If I want it to be able to run a full backup (including system apps and settings) of my phone every night I have to give it permanent root permissions. That root permission applies to both the automatic process and anything that I as a user (or any entity that can get control of TB) to act as root as well. Ideally there would be 2 separate instances of the program; the back-up process (a daemon perhaps) initiated by the root user and a second available in regular user space. This sort of thing is common on Linux systems.
My knowledge of Android is not particularly deep. I cannot tell if there is actually a separate root user or how user/group permissions work. It seems that the Android framework is designed around the user not having root access. Which is a bit confusing for an OS that prides itself on customization and "Be together not the same". I can't imagine buying a desktop PC that didn't allow me to have system level (root) access. Why should it be any different on a mobile device?

[Q] Is there a way to hide apps from each other?

I'm no pro, so forgive anything stupid I may say in advance. I recently learned that any android application has permission to see any application installed on your device. I'm a bit of a privacy nut, and I have concerns with this for a plethora of reasons. I was hoping to learn of a method that would allow me to somehow prevent apps from being able to see what's installed, or at minimum, mask the actual application names so the data an app gets is useless for any purposes they may have for it.
Is there any way to achieve such a thing?
I'm no pro either, but what I do is I use two apps to accomplish this. The first is MyAppSharer (no root required). The second is Advanced Permission Manager (again, no root required). Both can be found on the play store.
First I use MyAppSharer to create an .apk of the app I want to isolate. Place it In the download folder (or any folder of your choosing). Next I install the .apk with Advanced Permission Manager. While installing simply uncheck the 'view other apps permission' or whatever it's called and that might work.
The only concern I have is that apps usually check to see if they have access to all their permissions before startup, and if one is missing it might either not allow you to launch the app or or will crash. Or it'll work perfectly fine and all's well
Good luck
I think you need to hide apps and permission manager. For me, I used to use Greenify, the ForceStop as permission manager, which are available on xposed module repository, but they both require root.
For hiding apps, maybe the "PrivateMe" can help you, it also can hide photos, install apps in hidden mode.
Dresden_ said:
I'm no pro, so forgive anything stupid I may say in advance. I recently learned that any android application has permission to see any application installed on your device. I'm a bit of a privacy nut, and I have concerns with this for a plethora of reasons. I was hoping to learn of a method that would allow me to somehow prevent apps from being able to see what's installed, or at minimum, mask the actual application names so the data an app gets is useless for any purposes they may have for it.
Is there any way to achieve such a thing?
Click to expand...
Click to collapse
The sudo hide xposed module is exactly what you want to figure out
You will get first list of apps where you have to select ''which app to hide"
Then you will get second list of apps where you can select "from which apps to hide that app"
If you want any help regarding xposed,reply me back
Please push the thanks button if it helped
Enjoy:victory::victory:
Regards milkyway3

How to restrict/block access to settings with adb (no root)

How to restrict/block access to settings with adb and is it possible to do it with no root.​If impossible (and only if impossible) with no root other no root alternatives would be appreciated.
I'm doing this bc everytime I restart my phone the third party apps that should block access to settings aren't started as yet so it leaves an opening for settings to be accessed.
I am a noob with adb so a little explanation would be very welcome.
Today is Monday said:
How to restrict/block access to settings with adb and is it possible to do it with no root.​If impossible (and only if impossible) with no root other no root alternatives would be appreciated.
I'm doing this bc everytime I restart my phone the third party apps that should block access to settings aren't started as yet so it leaves an opening for settings to be accessed.
I am a noob with adb so a little explanation would be very welcome.
Click to expand...
Click to collapse
Probably not. If you want to control things on your device other than the things you have installed yourself, it almost always requires root. There are apps and tools that claim to be able to do things without root but they are not effective.
Droidriven said:
Probably not. If you want to control things on your device other than the things you have installed yourself, it almost always requires root. There are apps and tools that claim to be able to do things without root but they are not effective.
Click to expand...
Click to collapse
So disabling specific UI Buttons would also need root?
Today is Monday said:
So disabling specific UI Buttons would also need root?
Click to expand...
Click to collapse
It may or may not depend on which buttons you mean and on what you mean by disable, I suppose. But, generally, modifying the kinds of things you want to modify requires root because the things that need to be accessed and modified are in the system partition, the user has no control of system without root. Without root the user can generally only access, use, read/write/delete and modify things in the data or data/media partitions(userspace).
Droidriven said:
It may or may not depend on which buttons you mean and on what you mean by disable, I suppose. But, generally, modifying the kinds of things you want to modify requires root because the things that need to be accessed and modified are in the system partition, the user has no control of system without root. Without root the user can generally only access, use, read/write/delete and modify things in the data or data/media partitions(userspace).
Click to expand...
Click to collapse
Nvm the sheer no. of buttons that give access to settings make it that it would probably be better to disable the pull down feature altogether not even gonna mention the no. of the buttons outside the pull down feature.
Is there anyway without root to just make my phone inaccessible for 2-3 mins after it starts up so it can load the third party apps that block settings? I'm feeling pretty hopeless rn tbh.
Today is Monday said:
Nvm the sheer no. of buttons that give access to settings make it that it would probably be better to disable the pull down feature altogether not even gonna mention the no. of the buttons outside the pull down feature.
Is there anyway without root to just make my phone inaccessible for 2-3 mins after it starts up so it can load the third party apps that block settings? I'm feeling pretty hopeless rn tbh.
Click to expand...
Click to collapse
You've already been given the answer to that question. As stated, the things that need to be changed in order to get the result that you want, requires root.
Requires root
Requires root
Requires root
Again...
It requires root.
Why does it require root? Because you cannot access the system partition without root. The system apps are loaded first, then user apps are loaded during startup, therefore, the system apps will always beat the third party apps to the punch, unless you root the device and do something like modify parts of the system partition or add your third party apps to the system partition so that they load when the system loads during startup.
Droidriven said:
You've already been given the answer to that question. As stated, the things that need to be changed in order to get the result that you want, requires root.
Requires root
Requires root
Requires root
Again...
It requires root.
Why does it require root? Because you cannot access the system partition without root. The system apps are loaded first, then user apps are loaded during startup, therefore, the system apps will always beat the third party apps to the punch, unless you root the device and do something like modify parts of the system partition or add your third party apps to the system partition so that they load when the system loads during startup.
Click to expand...
Click to collapse
Thx for answering. Sorry if I annoyed you didn't mean to

ADB App Management APK

This was built using Tasker but I'll share the extracted APK from App Factory below so it can be used without Tasker.
This is similar to ADB App Control for PC in its functioning. It has several executable commands that can be performed on applications in batches. Current commands are: Install, Enable, Disable, Uninstall, Uninstall Updates, and Reinstall. Requires ADB WiFi access to use. ROOT NOT REQUIRED. Can perform all commands on system applications.
In a nutshell, it makes debloating and re-bloating automated and quick. Can filter applications to show: System, User, Enable, Disabled, and Uninstalled. Also can combine filters and color code applications by their current state. Recently added the ability to save custom lists for quick recall of certain applications.
No experience with ADB necessary.
If you're not sure what uninstalling or disabling system applications can do to your device, you should probably not use this. I take no responsibility for any software issues that occur as a result from using this tool.
TaskerNet Task Import: CLICK HERE
Direct APK for use without Tasker below

Categories

Resources